HideMixChin.exe

[Triple6_wild]

hi all .... HELPPPP MEE

my 2nd time trying to wright this

umm well im being flooded with so meny pop ups when i type the word ***** (i cant type it or i will be flooded and have to start post over) IE crashes i get so meny and if i click anything i get flooded also (normally i only get pop ups when i go to newgrounds.com or "COUGH" "COUGH" porno sites 'COUGH" hmm NO WAIT scratch that last one )

but hey i found this .exe on my computer that i didnt put there so any help would be great and someone or somthing is trying to connect to it (info under)

its called HideMixChin.exe

and here is the back trace

Hurricane Electric HURRICANE-3 (NET-66-220-0-0-1)
66.220.0.0 - 66.220.31.255
C2 Media Ltd HURRICANE-CE1076-331 (NET-66-220-17-0-1)
66.220.17.0 - 66.220.17.255

# ARIN WHOIS database, last updated 2004-06-30 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

FIND THAT F*CKER AND PING HIM TO DEATH (im surpised i got this far without flooding)

other firewall info

07/01/2004 04:58:02 Executable File Change Denied Major Outgoing TCP 66.220.17.152 00-03-42-9E-1E-85 MY IP HERE? 00-50-BA-50-AA-DC C:Program Filesstore knob pileHideMixChin.exe default COMPUTER Normal 1 07/01/2004 04:58:02 07/01/2004 04:58:02

some EASY way to remove this thing so it dont come back would be great lol i checked google and not much comes up on it and none have an easy way to remove it

thanx for the help in advance

ps: if we find an easy way to get rid of it then it might turn into another ndis thread with over 30k views lol will bring new members cuz theres not much on google about it ... im also gonna download ad-aware and run it right now to see if that helps a lil .... i will post a report on it later

Archived topic from Iceteks, old topic ID:2464, old post ID:20726

[Triple6_wild]

http://66.220.17.154/ heres who the ip belongs to (its a search engine site) anyone mind sending a ping of death or dos attack .... trying to connect to my puter so ya know lol its only fair

also the TONS of ads (no joke) i clear my history and then get flooded and crash then check history and there about 600 links all going to ad's lmao well anyways thay all come at once and checked history and this is the one that always pops up first ..i put link in code box (barly get a chance to see link when it pops up)

Code: Select all

 http://nitrous.internetfuel.com/framer.html?lev=2&loc=http%3a%2f%2fnitrous.internetfuel.com%2fadconsoles%2fscreensavers%2fcreatives%2fwarwithiraq%2fwarwithiraq_350x350_2.html [code] 

DO NOT GO TO THAT LINK  lmao war with iraq huh? 

i dont wanna stir the pot  :stir the pot:  so if anyone is brave enuff to risk infection lol can ya plz go exploring at that internetfuel site above to help find away out of this (i think thats where i got the dam problem from cuz pat was looking at tatoos on that site right b4 it all started)

heres a pic of me fighting to find ad-aware lmao(got up to 30 ads a few times) when i finally did get ad-aware i scanned to find 203 infected files (hijackers mostly) but sadly i had to fight my way back to iceteks also after the scan as you can see by pic (in other words it didnt help at all   :no no no:  ) 

 [img]/attachments_legacy/it/post-24-1088686802_Imagejpg.jpg[/img] 


[color=#888888][size=85]Archived topic from Iceteks,  old topic ID:2464, old post ID:20727[/size][/color]

[Red Squirrel]

You got hijcacked, run adaware and spybot. If it still happends you'll have to run hijackthis and post the log.

That IP looks like some kind of search site or something. Huricane electric is a dedicated server provider... this site used to be on their servers but they kept screwing up so the host switched.

Archived topic from Iceteks, old topic ID:2464, old post ID:20728

[syb]

when i had a million pop-up poping up. i just got mozilla and and deleted IE. it's all good now

Archived topic from Iceteks, old topic ID:2464, old post ID:20733